Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 12.04 ESM and 14.04 ESM: USN-4263-2 Sudo Access Threat

ubuntu
Calendar Grey February 5, 2020
Dist Ubuntu Esm H88
A security flaw in sudo could enable unauthorized users to gain admin access on Ubuntu versions 12.04 and 14.04 ESM.
Sudo could allow unintended access to the administrator account.

Summary

Sudo could allow unintended access to the administrator account.

Software Description:

- sudo: Provide limited super user privileges to specific users

Details:

USN-4263-1 fixed a vulnerability in Sudo. This update provides

the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Joe Vennix discovered that Sudo incorrectly handled memory operations when

the pwfeedback option is enabled. A local attacker could possibly use this

issue to obtain unintended access to the administrator account.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  sudo                            1.8.9p5-1ubuntu1.5+esm3
  sudo-ldap                       1.8.9p5-1ubuntu1.5+esm3

Ubuntu 12.04 ESM:
  sudo                            1.8.3p1-1ubuntu3.9
  sudo-ldap                       1.8.3p1-1ubuntu3.9

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4263-2

https://ubuntu.com/security/notices/USN-4263-1

CVE-2019-18634

Severity
important
Lowest
Low
Medium
High
Critical

February 05, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here